Re: CVE-2017-5715
Le 30/03/2022 à 07:07, Salvatore Bonaccorso a écrit : Sylvestre and Holger, would you have time to include the bugfix as well in the future bullseye point release? Sure, should be easy. Is there a timeline? Cheers, Sylvestre
Re: Bug#645881: critical update 29 available
Le vendredi 21 octobre 2011 à 08:41 +0200, Moritz Muehlenhoff a écrit : On Wed, Oct 19, 2011 at 06:20:12PM +0200, Torsten Werner wrote: Hi Philipp, Am 19.10.2011 16:33, schrieb Philipp Kern: Or it's the removal of the package. we should remove sun-java5 from oldstable, too, if we are going to remove sun-java6 from (old)stable. But I do not have a strong opinion on that. In any case we should go ahead with the removal from unstable ASAP. OK. I will fill a request tonight. As for stable/oldstable: I noticed that Red Hat provided packages for update 29 for RHEL 4 (RHEL 5 onwards use OpenJDK): http://lwn.net/Articles/463919/ Well, I wonder how (if ?) they can do that... Sylvestre -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1319189695.2676.3.ca...@pomegues.inria.fr
Re: Bug#645881: critical update 29 available
CC debian release security Le mercredi 19 octobre 2011 à 12:21 +0200, Thijs Kinkhorst a écrit : Upstream has released Java SE 6 update 29 yesterday: http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html with security fixes. Well, that especially means that it is now time to consider the removal of sun-java6 from Debian. We, the distros, are no longer allowed by Oracle to redistribute this version [1] [2]. The OpenJDK (6 or 7) is now the way to go. About stable, I don't know what the security team would recommend here ?! Thanks, Sylvestre [1] http://sylvestre.ledru.info/blog/sylvestre/2011/08/26/sun_java6_packages_removed_from_debian_u [2] http://jdk-distros.java.net/ The DLJ has finally been retired, and so has been this project. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1319021415.28383.181.ca...@korcula.inria.fr
Re: sun-java6 updates for {old,}stable?
Le lundi 21 février 2011 à 13:11 +, Dominic Hargreaves a écrit : Hello, Are there any plans to update the sun-java6 packages in lenny and squeeze for the recent floating point DoS issue? Yes: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613723 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613741 Sylvestre -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1298295104.6857.7425.ca...@korcula.inria.fr